Comment 29 for bug 1700373

Maybe mine is just wishful thinking, but microcode update is hardware initialization, containers boot is software. The former should always happen before the latter.

If you have all this computing infrastructure (hypervisors+guests+containers) then it'd be easy to replicate a container on another (virtual) machine and test the new microcode.
This should be done for any update, not just microcode. An apache update could break your web application. Couldn't it?